Firefox Zero-Day DoS Discovered

A JavaScript handling issue in the latest version of the Firefox browser can be exploited to cause a buffer overflow and crash the browser.

JavaScript Handling Issue Causes Crash

Proof-of-concept code provided in the milw0rm exploit advisory crashed a Firefox 1.5.0.2 browser immediately. That behavior prompted both the Mozilla feedback agent and Microsoft’s error reporting tool to launch and request permission to send the details of the crash along to the respective organizations.

The milw0rm alert carried a description of the problem that will likely prompt Mozilla to provide a quick update:

A handling issue exists in how Firefox handles certain Javascript in js320.dll and xpcom_core.dll
regarding iframe.contentWindow.focus(). By manipulating this feature a buffer overflow will occur.

The exploit exists in Linux as well as Windows versions of Firefox.

Mozilla recently released Firefox 1.5.0.2 on April 13th. The update provided security fixes for nineteen problems in the browser, with eleven of those rated “critical” by the organization.

Overall, Firefox has fared better than Internet Explorer, the world’s most widely used browser, when it comes to security issues. As the Firefox browser has grown in global market share to the ten percent range, the number of people trying to find problems with it has likewise increased.

Mozilla has been able to keep the browser updated a little more quickly than Microsoft has with IE. When a potentially dangerous IE flaw became publicly known after Microsoft issued its March security patches, a pair of third-party security companies released unofficial patches for the problem when Microsoft appeared to refuse to release a patch outside of its regular release cycle.

Microsoft did not recommend the use of those patches from eEye and Determina because of the modifications the patches would make to Windows. Both companies noted that their patches could be easily uninstalled when an official patch was released.